Networking 2 Flashcards
1
Q
Network Address Translation (NAT)
A
- NAT was designed as a way to delay the problem of running out of IPv4 addresses.
- It is the reason we have public and private IP addresses.
- Someone thought, ‘what if we took a whole bunch of IP addresses and designated them as private?’. That means everyone in the world can use the same bunch of IP addresses on their local network and never have to worry about conflicts.
- The router is responsible for converting the packets that come in from public IP addresses to private IP addresses and vice versa.
- Ultimately, NAT was only ever meant to be a stop-gap solution, but it was very effective at delaying the coming problem. It meant that many computers could access the internet with only a single IPv4 address used up.
- It was so effective that even when a new internet protocol standard was released, which solved the IP address shortage problem, many people refused to switch to it and stuck with IPv4 and NAT.
2
Q
Internet Protocol Version 6 (IPv6)
A
- The new internet protocol standard, which was designed to solve the IP address shortage, was released as IPv6. IPv6 addresses are really long, and so they have rules about how they can be shortened, which frankly just increases the complexity.
An IPv6 address, without any shortening rules, looks like this:
2001:0db8:0000:0000:0000:ff00:0042:8329
After applying shortening rules, it looks like this: 2001:db8::ff00:42:8329.
- One of the most interesting things to consider is the lack of NAT.
- In an IPv6 world, each computer could have its own public IP address and would not need to do NAT anymore, but NAT, somewhat by accident, also acts as a decent firewall.
- If you are behind NAT, computers on the outside cannot connect directly to you, unless you set up a NAT forwarding rule at the router to allow it.
- If someone on the internet wants to connect to your computer, they have to use your public IP address, which is also shared by the other computers on the network. When the router receives the connection request, it has no idea which computer on the local network that connection was intended for, so it drops it.
- Once we stop doing NAT, many computers that were protected pretty much by accident will suddenly be exposed to the internet.
3
Q
Subnets
A
- A subnet is a way of splitting a network up into segments.
- You often see it on local networks inside larger organisations, where one subnet might be assigned to one department and a different subnet to another.
- An IP address actually consists of two parts. One part is the network identifier, and one part is the host identifier.
- The problem is that, in IP, the sizes of the network identifier and the host identifier are variable. We therefore need something to tell us how many bits belong to the network identifier and how many to the host identifier. The subnet mask is what tells us this.
- Take 192.168.0.1 for example, and let’s say the computer with this IP address has a subnet mask of 255.255.0.0. That means the first two bytes (192.168) are the network identifier and the rest (0.1) is the host identifier. So if the last two bytes are the host identifier, this local network can theoretically have 2^16 (65,536) computers connected to it before running out of space.
4
Q
Classless Inter-Domain Routing (CIDR)
A
- CIDR is a shorthand way of writing a subnet mask.
- To show the network 192.168.0.0 with a subnet mask of 255.255.0.0 in CIDR notation would be: 192.168.0.0/16.
- The /16 is the number of bits that is the network identifier.
- The same IP with the subnet mask of 255.0.0.0 (network identifier is 192) would be written 192.168.0.0/8, and with a subnet mask of 255.255.255.0 (network identifier is 192.168.0), it would be 192.168.0.0/24.
5
Q
TCP Handshake
A
- The initial connection setup is called the TCP handshake.
1. The computer that initiates the connection (A) sends a packet with the ‘SYN’ flag enabled to the computer it wishes to connect to (B). This packet contains a sequence number, which is initially randomly generated.
2. Computer B will respond with a packet with the ‘SYN’ and ‘ACK’ flags set. This packet will contain a new sequence number that is randomly generated. It also contains an acknowledgement number, which is the sequence number that Computer A sent, incremented by 1.
3. Computer A will respond with a packet with just the ‘ACK’ flag (acknowledge), and this packet will contain the sequence number that Computer B sent, incremented by 1.
- After this, the connection between the two computers has been established, and they can send data to each other. By monitoring the sequence and acknowledgement numbers, either side can tell if any data is missing and can ask for it to be re-transmitted.
6
Q
TCP Transmission
A
- When data is sent, the ACK number is incremented by the length (number of bytes) received in the transmission.
- Of course, in the handshake and the teardown no data is being sent (length = 0), but the acknowledgement number is still incremented by one, because a SYN or FIN flag consumes one sequence number. That is how each side shows it received the packet even though it carried no data.
7
Q
TCP Teardown
A
- When the connection ends, this is called the teardown.
1. The computer that wants to end the connection (A) sends a ‘FIN’ packet with its current sequence number.
2. Computer B will respond with an ‘ACK’ packet. The packet will contain a sequence number and an acknowledgement number, which is Computer A’s sequence number incremented by 1.
3. Computer B will then send a ‘FIN/ACK’ packet. The packet will contain a sequence number and an acknowledgement number, which is Computer A’s sequence number incremented by 1.
4. Computer A will respond with an ‘ACK’ packet. The packet will contain an acknowledgement number, which is Computer B’s sequence number incremented by 1.
- If for some reason the connection cannot be torn down gracefully using the protocol above, one side of the connection can terminate it abruptly by sending an ‘RST’ (reset) packet, which ends the connection immediately.
8
Q
User Datagram Protocol (UDP)
A
- UDP is an incredibly simple protocol. There is no connection handshake and no teardown, simply because UDP does not care if the data gets to the intended party or not.
- It’s the lack of the extra features that TCP has that makes UDP so much faster, and therefore ideal for real-time applications such as video chat.
- Realistically, you don’t care if a single frame in a video never reaches the destination; you wouldn’t want to pause the whole video to wait for that single frame to be re-transmitted, since most people wouldn’t notice the missing frame.